A supply chain attack exploited leaked access tokens in the Open VSX registry, leading to malicious extension uploads and a malware campaign called βGlassWormβ. The incident was promptly contained, with security measures enhanced to prevent future breaches. #GlassWorm #OpenVSX #EclipseFoundation
Keypoints
- Open VSX suffered a leak of over 550 secrets used to publish extensions.
- Threat actors launched a malware campaign named βGlassWormβ targeting developer credentials.
- The malware aimed to steal data and cryptocurrency wallet information from affected extensions.
- Security measures were improved, including token revocation and increased threat intelligence sharing.
- The attack has expanded to GitHub, signifying ongoing malicious activity in open-source ecosystems.